OpenSSH 10.0 was released a few days ago (9 April 2025). It brings a series of significant changes in security, efficiency, and preparation for future challenges such as post-quantum cryptography.
This version permanently removes support for DSA, strengthens the isolation of the authentication process with the new sshd-auth binary, and adopts a hybrid, quantum-resistant key exchange algorithm by default. It adds configuration improvements (new Match predicates, token and environment variable expansion) and modernizes its defaults by disabling the legacy finite-field Diffie-Hellman groups.
DSA says goodbye for good in OpenSSH 10.0
One of the most important changes in OpenSSH 10.0 is the complete removal of support for DSA digital signatures, an algorithm long considered obsolete because it no longer meets current security standards. DSA keys have been disabled by default since OpenSSH 7.0 in 2015; the code has now been removed entirely. In practice this means any remaining ssh-dss host keys or user keys will simply not work against a 10.0 client or server, so they must be replaced (Ed25519 is the recommended choice) before upgrading.
Greater isolation of the authentication process
Another new feature in OpenSSH 10.0 is the continued separation of critical components of the sshd server. OpenSSH 9.8 split sshd into a listener (sshd) and a per-connection process (sshd-session); in 10.0 the pre-authentication code is moved out again, into a separate binary called sshd-auth. The authentication phase therefore runs in its own process and address space, which adds a layer of protection against pre-authentication vulnerabilities, and because that code is no longer mapped after authentication completes, each session uses slightly less memory. One practical caveat for anyone installing by hand: sshd-auth is a separate executable that sshd expects to find next to sshd-session, so a missing or mismatched sshd-auth will break logins.
Quantum-resistant key exchange
OpenSSH 10.0 stands out for adopting, by default, a hybrid key exchange algorithm that combines X25519 ECDH with ML-KEM-768 (the standardized form of CRYSTALS-Kyber), named mlkem768x25519-sha256. It replaces sntrup761x25519-sha512 as the default (that algorithm remains available). The quantum resistance comes from ML-KEM, which is built on lattice problems that are believed to be hard for both classical and quantum computers; ML-KEM has been standardized by NIST as FIPS 203. Because the exchange is hybrid, the resulting shared secret is no weaker than plain X25519 even if the post-quantum component were later found to be flawed. It is also faster than the previous default.
Advanced expressions and configuration flexibility
Version 10.0 adds substantial improvements to the ssh_config and sshd_config configuration files. Token substitution (%-tokens) and environment variable expansion are now supported in the SetEnv and User directives, which makes more dynamic configurations possible. A Match version predicate has been added, so conditional rules can be applied based on the OpenSSH version that is reading the configuration.
In addition, the Match predicates are expanded with conditions based on the session type (Match sessiontype: shell, subsystem, exec or none) and on the remote command being run (Match command), and both Match tagged and Match command can now match an empty value, i.e. the case where no tag or no command was given.
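The following ssh_config fragment is an added illustration of these new predicates and of token and variable expansion; it is not taken from the release notes or the OpenSSH project. The host names, the BASTION_USER variable and the settings chosen are placeholders, and the syntax follows ssh_config(5) as shipped with 10.0:

```sshconfig
# Constructed example for OpenSSH 10.0 ssh_config (not from the project).
# User and SetEnv now accept %-tokens and ${VAR} expansion.
Host bastion
    HostName bastion.example.internal
    User ${BASTION_USER}
    SetEnv LC_SSH_ORIGIN=%L        # %L expands to the local host name

# Only interactive shells get a TTY and a forwarded agent; sftp/scp
# (sessiontype subsystem) and plain "ssh host cmd" (sessiontype exec) do not.
Match host bastion sessiontype shell
    RequestTTY yes
    ForwardAgent yes

# Apply only when the remote command is an rsync server invocation.
Match host bastion command "rsync *"
    Compression yes

# Settings that only a 10.0-or-newer client understands, so the same file
# can be shared with hosts still running an older client.
Match version "OpenSSH_10.*"
    KexAlgorithms mlkem768x25519-sha256,sntrup761x25519-sha512

# Match an invocation that passed no -P tag at all.
Match tagged ""
    LogLevel INFO
```

Check the result with `ssh -G bastion` (no connection is made): it prints the effective value of every option after all Match blocks have been evaluated, which is the quickest way to confirm a predicate fired as intended.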
Changes to algorithms, ciphers, and new controls in OpenSSH 10.0
Continuing the retirement of legacy algorithms, OpenSSH 10.0 disables finite-field Diffie-Hellman key exchange by default: the diffie-hellman-group* and diffie-hellman-group-exchange-* methods are no longer offered, in favor of the faster elliptic-curve and post-quantum hybrid exchanges. Note that disabled is not removed: the code is still present, and a group can be re-enabled for a specific legacy host with a KexAlgorithms line that uses the + prefix (for example KexAlgorithms +diffie-hellman-group14-sha256 inside a Host block).
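Because "disabled by default" only describes what the two ends offer, the way to know what a session actually used is to read the client's debug output. The script below is an added example (not part of OpenSSH or the original article) that extracts the negotiated key exchange and host key algorithm from "ssh -v" output and classifies them; the two log samples are constructed to look like 10.0 and legacy-server sessions so the script runs offline.

```shell
#!/bin/sh
# Added example: audit what an SSH session really negotiated, from "ssh -v"
# output. The sample logs below are constructed, not captured from a real host.

# Print the negotiated KEX algorithm found in "ssh -v" output on stdin.
negotiated_kex() {
    sed -n 's/^debug1: kex: algorithm: //p' | head -n 1
}

# Print the negotiated host key algorithm.
negotiated_hostkey() {
    sed -n 's/^debug1: kex: host key algorithm: //p' | head -n 1
}

# Classify a KEX name: pq-hybrid, legacy-ffdh (finite-field DH), or classical.
classify_kex() {
    case "$1" in
        mlkem768x25519-sha256|sntrup761x25519-sha512*) echo pq-hybrid ;;
        diffie-hellman-group*)                         echo legacy-ffdh ;;
        *)                                             echo classical ;;
    esac
}

# Return 0 only when the session used a post-quantum hybrid KEX and did not
# authenticate the server with a DSA (ssh-dss) host key.
session_ok() {
    log=$(cat)
    kex=$(printf '%s\n' "$log" | negotiated_kex)
    hk=$(printf '%s\n' "$log" | negotiated_hostkey)
    [ "$(classify_kex "$kex")" = pq-hybrid ] || return 1
    case "$hk" in ssh-dss*) return 1 ;; esac
    return 0
}

# Constructed sample: what a 10.0 client talking to a 10.0 server looks like.
SAMPLE_GOOD='debug1: Local version string SSH-2.0-OpenSSH_10.0
debug1: Remote protocol version 2.0, remote software version OpenSSH_10.0
debug1: kex: algorithm: mlkem768x25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none'

# Constructed sample: a legacy server that only speaks finite-field DH.
SAMPLE_LEGACY='debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: kex: algorithm: diffie-hellman-group14-sha1
debug1: kex: host key algorithm: ssh-rsa'

# Stand-alone demo over the constructed samples.
for name in GOOD LEGACY; do
    eval "log=\$SAMPLE_$name"
    kex=$(printf '%s\n' "$log" | negotiated_kex)
    printf '%-7s kex=%s (%s) ' "$name" "$kex" "$(classify_kex "$kex")"
    if printf '%s\n' "$log" | session_ok; then echo ok; else echo NOT-OK; fi
done
```

To use it against a real host, pipe the client's debug stream through the check: `ssh -v user@host true 2>&1 | session_ok && echo ok`. A legacy-ffdh result after the upgrade means the client was explicitly told to re-enable a finite-field group, or that the host still runs an old server and deserves a second look.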
Operational security is strengthened as well: ssh-agent now flushes all loaded keys when it receives SIGUSR1, which gives a simple hook for locking a workstation or ending a shift, and ssh-agent can be started through systemd-style socket activation using the LISTEN_PID and LISTEN_FDS environment variables.
In the area of hardware authentication, ssh-keygen adds support for FIDO tokens that do not return attestation data, such as Windows Hello. A new experimental utility, ssh-verify-attestation, is also included; it validates the attestation data a FIDO authenticator produces during key enrollment, so an administrator can check that a given key really was generated on the expected class of device.
Client improvements, tools, and advanced configuration
The SSH client gains the VersionAddendum option, which appends custom text to the version banner, a feature previously available only on the server. The scp and sftp utilities now default to not starting a connection-multiplexing master, which keeps file-transfer sessions from silently becoming long-lived control connections.
glob patterns are now allowed in the AuthorizedKeysFile and AuthorizedPrincipalsFile directives, which simplifies key management on systems with many users or dynamically generated configurations.
Changes to the portable version and security enhancements
The portable version of OpenSSH 10.0 adds support for AWS-LC, Amazon's cryptographic library, for compatibility and performance. It also adds support for wtmpdb, a modern replacement for wtmp that is not affected by the Year 2038 problem. New configure-time options are included to lock sshd's memory so it cannot be swapped out, and to build a standalone sk-libfido2 library for FIDO security keys.
Finally, a security-relevant bug is fixed: the DisableForwarding directive did not actually disable X11 forwarding or agent forwarding. X11 forwarding is disabled by default on the server and agent forwarding on the client, so most installations were not exposed, but the fix ensures the directive now behaves as documented. If you relied on DisableForwarding as a single switch, it is worth re-testing after the upgrade that neither forwarding type works.
If you are interested in the full list of changes, see the official release notes.
How to install OpenSSH on Linux?
For those who want to install this new version on their systems right away, the only option for now is to download the source code and build it, because the release has not yet reached the repositories of the main Linux distributions. The portable release (the one that builds on Linux) carries a p1 suffix, so the tarball is named openssh-10.0p1.tar.gz; download it together with its .asc signature and verify the signature before building.
Once downloaded, unpack the archive with:
tar -xvf openssh-10.0p1.tar.gz
Enter the created directory:
cd openssh-10.0p1
And compile and install with the following commands:
./configure --prefix=/opt --sysconfdir=/etc/ssh
make
make install
With this prefix the binaries land under /opt/bin and /opt/sbin and the helper programs (sshd-session, sshd-auth, sftp-server) under /opt/libexec, so make sure the service you start afterward points at /opt/sbin/sshd and not at the distribution's older binary.
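After installing, confirm that the ssh you are actually running is 10.0 and that its effective key exchange list leads with the post-quantum hybrid and no longer contains finite-field groups. The script below is an added example (not part of the OpenSSH project or the original article); its parsing functions read text on stdin so they work on the constructed samples included here, and at the end it runs the same checks against a real ssh if one is on the PATH.

```shell
#!/bin/sh
# Added example: post-install verification for an OpenSSH 10.0 build.
# The sample banner, algorithm list and "ssh -G" output below are constructed.

# Extract "major.minor" from an "ssh -V" banner (ssh -V prints to stderr),
# e.g. "OpenSSH_10.0p1, OpenSSL 3.0.13 30 Jan 2024" -> "10.0".
ssh_version() {
    sed -n 's/^OpenSSH_\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1
}

# Return 0 when version "$1" (major.minor) is at least version "$2".
version_ge() {
    a_major=${1%%.*}; a_minor=${1#*.}
    b_major=${2%%.*}; b_minor=${2#*.}
    [ "$a_major" -gt "$b_major" ] && return 0
    [ "$a_major" -eq "$b_major" ] && [ "$a_minor" -ge "$b_minor" ]
}

# With "ssh -Q kex" output on stdin, return 0 if the binary supports "$1".
# Note: -Q lists everything compiled in, including disabled-by-default groups.
offers_kex() {
    grep -qx -- "$1"
}

# With "ssh -G host" output on stdin, print the effective KexAlgorithms list.
effective_kex() {
    sed -n 's/^kexalgorithms //p' | head -n 1
}

# Return 0 if a comma-separated KEX list still enables finite-field DH.
list_has_ffdh() {
    printf '%s\n' "$1" | tr ',' '\n' | grep -q '^diffie-hellman-group'
}

# Constructed samples resembling a 10.0 client (not real captured output).
SAMPLE_BANNER='OpenSSH_10.0p1, OpenSSL 3.0.13 30 Jan 2024'
SAMPLE_Q_KEX='mlkem768x25519-sha256
sntrup761x25519-sha512
curve25519-sha256
diffie-hellman-group14-sha256'
SAMPLE_G='user alice
hostname example.internal
kexalgorithms mlkem768x25519-sha256,sntrup761x25519-sha512,curve25519-sha256'

# Report on the binary actually installed, if any (never fails the script).
report_installed() {
    command -v ssh >/dev/null 2>&1 || { echo "no ssh on PATH"; return 0; }
    v=$(ssh -V 2>&1 | ssh_version)
    if version_ge "${v:-0.0}" 10.0; then echo "ssh $v: ok"; else echo "ssh $v: older than 10.0"; fi
    if ssh -Q kex 2>/dev/null | offers_kex mlkem768x25519-sha256; then
        echo "mlkem768x25519-sha256: supported"
    else
        echo "mlkem768x25519-sha256: NOT supported"
    fi
    kex=$(ssh -G localhost 2>/dev/null | effective_kex)
    if list_has_ffdh "$kex"; then echo "finite-field DH still enabled: $kex"; fi
    return 0
}

report_installed
```

The distinction between `ssh -Q kex` and `ssh -G host` matters: the first lists what the binary can do (the finite-field groups still appear there in 10.0), the second shows what it will offer after your configuration is applied, which is what a peer sees.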